$2.7 million await successful Pwnium 4 contestants
Posted on 24 January 2014.
Google has, once again, called security researchers to participate in its annual Pwnium contest scheduled to be held at the CanSecWest security conference in Vancouver in mid-March.


The fourth edition of the hacking contest will, as last year, focus on the company's Chrome OS, and competitors will contend for sizeable prizes.

Contestants who manage to execute a browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page, will win $110,000, and those who carry our a compromise with device persistence (“persistent Guest-to-Guest exploit” with interim reboot, delivered via a web page) will gain a cool $150,000.

The prize pool is $2.71828 million in total.

"New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit. Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process," explained Jorge Lucángeli Obes, Google security engineer and Pwnium Master of Ceremonies.

"Past Pwnium competitions have focused on Intel-based Chrome OS devices, but this year researchers can choose between an ARM-based Chromebook, the HP Chromebook 11 (WiFi), or the Acer C720 Chromebook (2GB WiFi) that is based on the Intel Haswell microarchitecture. The attack must be demonstrated against one of these devices running the then-current stable version of Chrome OS."

As usual, to win a prize they will have to deliver a full exploit with thorough explanations about the exploited bugs. Any software included with the default installation may be used as part of the attack.

Researchers thinking of registering have until March 10th, 2014 to decide.

For more details, check out the official rules for the contest.









Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //